Wednesday, December 8, 2010

Final Blog

The main premise of this blog was to explore how technology has changed privacy. There are two themes prevalent throughout all the former postings. Lack of knowledge or secrecy and an institution with vested interest in maximal knowledge about you. In all the instances I've examined there has been a larger and powerful institution yearning to discover more about you. Whether it's with an eye to prosecute you, protect you, control you, or save your life, there is an organization that wants to dig deeper and discover more.

This isn't a new concept, knowledge is priceless and always has been. However, with the development of increasingly better or more powerful technology it has become increasingly easier and tempting to push the boundaries. Even when the technology isn't intended for monitoring or surveillance. As long as the technology grants access to information that was previously incomplete or inaccessible it will be utilized. During the Cold War it would have been impossible to tap and monitor all forms of communication, let alone having the capability to do so with the entire population. I would guess if such technology was available though, they would have used it in a heart beat. Privacy has all but vanished today. What little is left is quickly diminishing. The progression of more knowledge and less privacy is being fueled by technology.

After researching for this blog I had an epiphany. Although technology is the soul of privacy loss, secrecy is at the heart of the problem. These institutions keep what they're doing out of the public eye. Americans, especially so, have fierce views on liberty and a right to privacy. There would be an absolute uproar if these issues I explored earlier were stated plainly to the general public. Which is obviously why they are not. Technology cannot be reversed and will always push forward. As individuals and a population as a whole we should be looking to technology as the institutions are. How can technology be used to monitor them? How can technology secure more privacy for ourselves? What legislation should we push to secure our right to do so before that vanishes as well. Most importantly when we read about a new invention, innovation or even standard piece of technology we shouldn't be taking it at face value. If it's capable of offering more information it is of value to someone somewhere. Be alert to that.

Who is Invading Your Privacy: Personal Data Ecosystem

This is a short and sweet blog. The FTC just published a report on issues in regards to data collection online. In their report the FTC outlined who gathers the information and how it's distributed. If a picture says a thousand words, this one certainly says a thousand words on the subject of who has access to your information and how. Here's a PDF download of the image for closer inspection or personal use.

Thursday, November 25, 2010

Privacy and the Government: Monitoring the Populace


There can be no discussion about monitoring the populace without a discussion of the Patriot Act. The Patriot Act is my orders of magnitude the most influential piece of government legislation that has violated privacy, civil liberties, and rights. I argue that these violations were only possible because of the development of technology that was previously unavailable.



Sneak and Peek- Sec 213
Put your mind at ease, the government can't search your property or possession without a warrant. They just don't have to tell you they've done. It's called "delayed notice." Though delayed notice isn't anything new to government and law enforcement there's a twist added by the Patriot Act. Sneak and Peak warrants are now infinitely easier to get even for minor infractions, available in every jurisdiction, and have no limit on how long notification can be delayed. Nearly a decade after the Patriot Act was passed statistics over how Sneak and Peek Warrants are used has come out, keep in mind the Patriot Act was passed to stop terrorists. "Of 21 criminal offense categories for which warrants were issued or extended, terrorism ranked 19th, exceeding only conspiracy and bribery." The question arises, if terrorists weren't the ones being searched, who were? Sixty two percent of the warrants issued were directed at those suspected of drug trafficking.

Foreign Intelligence Wiretaps and Searches- Sec 218
This section is a bit harder to figure out as there is no released information. The Patriot Act basically says one can wiretap if someone is suspected of being an agent of a foreign power and who's significant purpose, not main or ONLY purpose, being here is to gather information. How an agent of foreign power is defined or how their purpose is discovered is left to conjecture as there are no procedures outlined.

Roving Wiretaps- Sec 206
One warrant covers it all. The government no longer needs to be specific over what they want to run a wiretap or surveillance on. One warrant will do it, with a warrant granted to tap a house phone someone's cellphone, PC, and all other forms of communication can be monitored as well.

Summary
These are the portions of the Patriot Act that never expire or have been extended by the current administration. There were more invasive provisions over access to records such as one's library books. Officially these practices have been put to rest. However, data dealing with these violations of a citizens rights are rare and far between. It's too "sensitive" or "classified" to be released. Though we can look to other stories to show how the fed operates, for instance monitoring the populace's credit cards in real time, without a warrant. Fifteen years ago such an act would be unimaginable. The technology to conduct such massive surveillance only existed in science fiction. With the advent of better technology our government is abusing it to keep an eye on everything.


Wednesday, November 17, 2010

Privacy and the Government: Identification

Let's talk about the Real ID Act or PASS ID, the name by which the Real ID Act is masquerading today. Chances are you haven't heard of it, unless your initials are S.W. In this article we will talk about what the act is (including a brief history of its changes), what it entails, and who is going to participate in it. Most importantly what are the implications for your privacy. The importance isn't whether or not these acts have passed, as the Real ID has been refused by many states and the PASS ID doesn't have a much better future. What is important is the information the government wants and what it has repeatedly tried to organize and gather it.


What is the Real ID Act
On the surface the Real ID Act seems to simply set standards for acceptable government identification. However, it does not affect just federally issued ID's it sets the standard for all state issued ID's as well. Congress didn't stop there the act has more implications. It deals with visas, destroying laws that inhibit or restrict the building of physical barriers at the boarders, and basically who they can arrest and have expel from this country. The official word from the government is that this act is to protect privacy, as Michael Chertoff tells us. Though, to some ears such as past presidential hopeful and senator Ron Paul, it doesn't sound like protection of privacy, it sounds like organizing and controlling the populace through fear mongering.


Facts
What is required by the Real ID Act to get a "real Id"?
  • A photo ID, or a non-photo ID with full legal name and birth date
  • Documentation of birth date (such as a birth certificate)
  • Documentation of legal status
  • Documentation with Social Security Number (SS Card)
  • Documentation showing both name and principal residence address
  • Documentation must be authenticated by each time presented
Don't forget, that any documentation you present will be verified, scanned and stored in a database, of course. This has all remained under the PASS ID except in regards to the birth certificate, which does not have to be verified. Instead of a list of what's require to gain an ID try to view this what information will be verified and stored indefinitely.
What's on the card?
Information wise the card will hold much of the same information as state ID's did before. Birthday, weight, height, picture, etc. Though there will be a lovely gem added, an RFID chip. Which, if you don't know, is used for tracking and remote access to information. Don't forget that the picture on the idea has to be digitally recognizable to international data programs.
Who has to have it?
For all intents and purposes, everyone. If you want to enter a federal building, open a bank account, fly, apply for Social Security benefits, student loans, open a post office box, or drive you're going to need one. I don't know a single person who won't have to switch over to the new form of ID.

Personal Conclusions

People need to wake up. The PASS ID is the governments second attempt to create and standardize a national ID. An ID that can track you, that carries all your information, stores your documents indefinitely in a digital database, and one that you can't escape from having if you want to function within our society. Additionally this ID links your information to an international identification system. If this or any of its assured reincarnations pass it will be the end of privacy as we know it.

Thursday, November 11, 2010

Privacy and the Law: Search and Seizure

What's wrong with this picture? Besides how outdated that phone is. A police officer is searching a cellphone without a warrant. Laws differ from state to state over what is permissible in regards to privacy rights and technology. Currently there are two ways by which law enforcement gets away with searching a phone without a warrant.




Search Incident to Arrest Doctrine
In 1973 the Supreme Court ruled that police officers could search the body, clothing, surrounding (anywhere within an arestee's area of reach), and any open containers in possession or in the surroundings of arrested individual, in order to ensure the safety of the officer. In 1981 the Supreme Court further found that an officer could open containers already closed to find evidence (previously not permitted). These rulings by the Supreme Court were clearly passed before the development of cellphone technology. However, cellphone technically speaking "contains information." The justification then would be to classify cellphones (or smart phones) as a container, allowing it to be searched without a warrant after a valid arrest. In 2007 the US Fifth Circuit affirmed this line of thinking, saying text messages and call history are searchable. The basic premise behind the Search Incident to Arrest Doctrine is to ensure officer safety and prevent an arrestee from destroying or altering evidence.

Booking Search
This is not as frequently used by law enforcement. The line of justification goes like this: when booking someone into jail after an arrest their items must cataloged to ensure everything is left in tact, this means going through wallets and taking note of the personal information present, when cataloging a cellphone there is personal information present, it should be noted to ensure that nothing has been lost when the cell is finally returned. Thankfully this justification has been recently rejected as a valid means for searching a cellphone.

Ramifications
The ramifications are obvious. In a modern cellphone there is more information present then it was ever possible for an individual to carry before. Someone pulled over for speeding could end up booked and in jail for sex crimes or drugs.

Unanswered Questions
How far should a police officer be allowed to explore a cellphone? Just the texts and calls? What about email and browsing history. Can they look at the subject lines of an email or the actual texts? What about pictures and videos? Should law enforcement be granted access to information not stored on the phone but which the phone is synced to? If it's linked to a Facebook page can the cop read messages from there and explore pictures, videos, and everything else? What about mobile banking, should they be allowed to see how you've spent money?

Solutions
In the only complete and authoritative piece dealing specifically with new technology and Search Incident to Arrest Adam Gershowitz outlines the possible approaches to these new problems.

  • Solution A: "Change Nothing: The Search Incident to Arrest Rule Works Well, So Changing It to Account for New Technology is Not a Good Idea" (Gershowitz, pg. 45)*
Argument For: The Incident to Arrest Rule is simple, making it easy for the courts to decide when it has or has not been violated. Adding exceptions and limitations could cloud the issue. There is nothing to say that an officer will search a phone.
Argument Against: There has never been a time in human history let alone legal history where so much personal information is at the mercy of law enforcement and their access to it MUST be limited. Cops perform searches after a traffic stop 6.6 percent of the time (Gershowitz, pg. 47)*. This is a fairly high percentage for a standard traffic stop.

  • "Change Everything: Limiting the Search Incident to Arrest Doctrine in all Police Interactions to a Search Related to the Crime of Arrest" (Gershowizt, pg. 48)*
Argument For: For traffic stops police would not typically be allowed to search a cellphone, as speeding or other such traffic violations have nothing to do with a cellphone. In incidents where the phone can be searched the cop would be constrained to looking only at information that could be connected to the crime of arrest. If it the arrest was based on distributing drugs it would be justifiable to search texts and calls as those are related to distribution while pictures and other such applications would be bared as they have nothing to do with the crime.
Argument Against: It allows searches based on suspicion instead of focusing on officer safety

  • "Change By a Different Sovereign: Encouraging State Legislatures to Adopt a More Protective Rule" (Gershowitz, pg. 50)*
Argument For: Legislators have a vested interest in limiting police investigatory power in this situation. They are among the demographic which carries a cellphone. Legislators might find more incentive in protecting cellphone privacy as their voting base is full of carrying individuals.
Argument Against: Federal courts offer stronger influence over constitutional issues when compared to state courts. It doesn't eliminate the initial rulings that have caused the problems. There is no reason as to why a state court would have a better aproache to handling the Incident to Arrest Doctrine then the federal courts. It would be limited to the state which passed the legislation instead of remedying the situation nationally.

  • "Change the Margins: The Open Application Test" (Gershowitz, pg 53)
Argument For: If you exit out of an application that application would be exempt from police examination. This would limit the scope of the search and allow a citizen to have power over what is accessible.
Argument Against: How could we ever know if a police officer was telling the truth about what was open? If an arrestee was allowed to close out of applications they could simply delete evidence out. Which defeats the purpose of the Search Incident to Arrest when utilizing it to preserve evidence.

  • "Changing the Bright Line Rule: Limiting the Search Incident to Arrest Doctrine to Five Steps of Searches" (Gershowitz, pg 54)*
Argument For: It's an easy and universally applicable rule. Theoretically making it easy for courts and law enforcement to understand and judge.
Argument Against: Can you imagine the gray areas that are entailed by this approach? What exactly should count as a "step?" Not to mention that each court case would spend countless hours on proving that a phone was even switched on let alone what steps truly occurred. Finally, why five steps? How many are appropriate? This aspect would be debated to no end.

  • "Distinguishing Between Data on the Device and Remotely Stored Data Accessible From the Device" (Gershowitz, pg. 56)
Argument For: It would limit what the officer could look at. Only information one selected specifically to be on the phone would be accessible. Touchy information could be stored remotely and thus be safe from prying eyes. This approach doesn't call for throwing out the Search Incident to Arrest Doctrine and doesn't drastically change it.
Argument Against: What if an the web browser or some other application that accesses remote information is open at the time of arrest? This would, in a theoretical sense, place the web browser within an arrestee's sphere of influence. Which is allowed to be searched under the current doctrine and wouldn't be changed by adopting a line between data that resides on and off the device. Therefor, such an application could arguably be searched. Now we are back to the issue of proving if an application was or was not open.

My Take
I feel a search incident to arrest (if we must keep such a rule) should be limited to the crime of arrest. This would return a lot of privacy to citizens that has been denied under the current doctrine. It's a clear rule that would be hard to blur the lines of as well.



*Page specific information is given as there is not way to provide a direct link to the page

Wednesday, November 3, 2010

Your Medical Privacy (tissue issues)

When dealing with the subject of technology and privacy there is a tendency for people to go straight to innovations specifically created to aid or violate privacy. If you are talking about technology and medicine typically the discussion will not venture far from "the changes technology has brought about to save lives." Privacy in the context of medicine is seldom dealt with. However, when the subject does arrive it mainly focuses on doctor patient confidentiality. This post will delve into how medical technology has altered privacy when it comes to health.

What's Taking Place Now
Let's start with one important revelation. Doctors do not have to ask or tell you when they use you or your records in medical research. By "you" I am referring to any cells or body parts no longer a part of you. In medical research on a human beings, there must be consent, as The Nuremberg Code clearly states. However, anything you've had removed (tonsils, kidneys, tumors, blood, etc) is up for grabs to the medical community. No they do not have to ask, no they do not have to tell you. This occurs more then you realize, take the most famous cell growth ever cultivated, HeLa.

In nearly all important medical innovations from the Polio Vaccine to HIV research HeLa was there. HeLa was the first immortal cell cultivation, meaning it was the first cell culture that would keep growing. It has been the means by which science has come up with countless cures and the cell used in hundreds of thousands of vital research projects, that has extended and improved the quality of human life. The most astonishing part of HeLa's legacy isn't the medical advance gained, it's how the HeLa cells were initially acquired. They were taken from Henrieta Lacks while she was at John Hopkins medical center receiving treatment for cervical cancer in 1951. Without her or her families knowledge.

"Today most Americans have their tissue on file somewhere"
(pg. 315). Exactly how many of us have our tissues on file? "A conservative estimate from the tissue collections described in this book is that more than 307 million specimens from more than 178 million cases are stored in the United States, accumulating at a rate of more than 20 million per year." This study was done in 1999. If the rate has continued as expected, that means that over 220,000,000 of us have our tissues on file. They can be stored anywhere from the hospital to FBI data bases. The moral of the story is, even when technology is developed for good it is important to pay attention to your rights and privacy. Blind trust has never served any good.

It is a little late to say "stop using tissue samples like this and get rid of them." Tissue cells gathered in this manner is the main means by which science is able to conduct research. The more samples the better the understanding and medicine theoretically. Obviously one should be cautious of anything like this. There exists no legal ruling in regards to ownership rights over cells or surgically removed parts. As Rebecca Skloot says in The Immortal Life of Henrieta Lacks, "there are, essentially, two issues to deal with: consent and money" (pg. 317).

Consent
With most tissue research consent is not required because it is not federally funded (thus excluding it from federally imposed standards that exist) and does not entail direct contact between the researcher and the donor. Two main issues arise when looking at consent, should donors have control over what research is conducted and who has access to it?

Money
Of course tissues will be commercialized, medicine is a commercial industry. The question is how do you deal with the "individual." Compensating patients will in all likelihood lead to profit seeking habits. Although, currently everyone involved besides the donor (typically) makes a profit. Ownership over tissue and patents are erupting everywhere. Institutions and companies and even individual are patenting certain genes creating a monopoly over all research that is conducted involving any of the patented genes. Not only does it inhibit research but it inhibits testing for those patented diseases on patients. Clearly the commercial aspects have truly limited research and treatment of disease. The medical community is unsure as to how to best handle this, as profit is what drives the research in the first place. Should profit be mentioned to a patient before gathering the sample?

How it Should Be (personal opinion)
There MUST be consent. At some point the donor needs to be made aware of what is taking place and the possible ramifications. Legislation needs to be passed creating laws to protect patient rights and enforce consent. As for how to handle the money aspect I'm less decisive. Though the idea of a certain percentage of profits made from tissue samples being placed into funds benefiting the public that the tissue originated from is appealing.